Since 19 December 2020, 7 pm CET, we have been seeing a possible worldwide DDoS amplification attack against Citrix Gateway UDP:443 DTLS EDT services.
11.01.2021: Added information about the new Citrix ADC Gateway (formerly NetScaler) firmware releases, which solve the memory leak issue with -helloVerifyRequest
24.12.2020: Added information about the official Citrix Knowledge Center article CTX289674
Added a final summary that repeats all possible solutions
Made it a lot clearer that -helloVerifyRequest doesn’t seem to work well
22.12.2020: Added a warning note that -helloVerifyRequest doesn’t work on all Citrix ADC (NetScaler) firmware versions
21.12.2020: Added a third possible solution regarding -helloVerifyRequest
21.12.2020: Initial version
During the night from Saturday (19.12.2020) to Sunday (20.12.2020), our Zabbix monitoring informed us that several Citrix Gateway VPX (50) appliances were at their license cap. We investigated the situation and soon found out that we had 0 ICA sessions on most of them, hence no explanation for the traffic.
tl;dr: Create a blog, check out Twitter and follow the community.
Share content, even if you’re no Pro, everybody needs to start somewhere.
A few years ago I was thinking about which path I should take in my IT career. My key competences had been clear for some time. During and after my apprenticeship at my employer ANAXCO GmbH, I attended several instructor-led Citrix classroom courses. One of my main tasks in our company is the design and configuration of Citrix Virtual Apps and Desktops Sites (formerly XenApp & XenDesktop Farms) for the provisioning of Microsoft Dynamics AX 2009 / 2012 / 365. There is a reason our company’s name is “AN AX COmpany”. So my work with CVAD and Citrix Gateway (formerly NetScaler Gateway) was already settled. Besides that, I had the opportunity to go to a brilliant deep-dive classroom course for Microsoft Group Policy at NT-Systems in Germany. Continue reading “I did become a CTA – How did that happen?”